How To Fight Spam Using Your Postfix Configuration

Discussion in 'HOWTO-Related Questions' started by WaveQam, Jan 2, 2007.

  1. WaveQam

    WaveQam New Member

    Good day all,

    Some newbie help please. I have read through this how to (How To Fight Spam Using Your Postfix Configuration) and would be interested in implementing it.

    My concern making changes to a live system. I guess I clould backuup my and so I can revert back to them.

    I have a few questions regarding these suggestions.

    I am running a virtual server. The fqdn is, I am hosting for,, which are three of our systems. These all resolve back to the ip address

    I have a very simple

    biff = no
    append_dot_mydomain = no
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination =,, , localhost
    mynetworks =,,,,,,,,,,,,,,
    mailbox_command =
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/
    virtual_alias_maps = hash:/etc/postfix/virtual

    smtpd_client_restrictions = reject_rbl_client

    smtpd_error_sleep_time = 1s
    smtpd_soft_error_limit = 10
    smtpd_hard_error_limit = 20

    message_size_limit = 5120000

    my users login with user.domain, the email address is [email protected], I am not using mysql for authentication.

    How can I tighten up whats comming in.

  2. falko

    falko Super Moderator ISPConfig Developer

  3. WaveQam

    WaveQam New Member


    Thanx again - seems to be working - i will know better once I get the loggin issues sorted out so I can get a better look at the log files to check performance.


Share This Page